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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 10 September 2004 . 
2a)[3 This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) IE Claim(s) 1-40 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) M Claim(s) 1-40 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) n The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 185(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . This communication is in response to applicants' amendment received on 
September 10, 2004. 

2. Applicants' arguments have been fully considered but they are not persuasive. 

3. Applicants argue as follows: 

On page 1 1 , paragraph 4: "Neither Saylor, Jordin, or combinations thereof 
provide such teachings or suggestions to integrate SSL with Voice Browsers." 

On page 12, paragraph 5: "That is, Saylor fails to teach or suggest that the 
communication channel in which information is conveyed between the voice server and 
the voice browser should be secured." 

On page 13, paragraph 2: "Jardin is silent in regard to performing secured 
communications between a Voice Browser and a network device and in regard to 
securely communicating VoiceXML-based Web content." 

Saylor on col. 1 1 , lines 29-36, teaches: Tor example, if a content provider 
creates a VPage with several transactions, the content provider may want to 
authenticate callers with called identification and password authentication to make sure 
that the transactions are secure . If a user and content provider have both set up 
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authentications, then the authentication module may select between the two, such as by 
selecting the most secure method." And also on col. 20, lines 33-35, teaches: 
"Authentication/Security module 45 authenticates users that dial into the VNAP, as 
described above, and may also provide for network security." These teachings are 
indication of a secure communication. 

Jardin in abstract describes: "In another embodiment, the broker establishes a 
secure SSL link with the one or more fulfillment servers." And on col. 4, lines 1 1-46 
describes: "The broker 120 is configured to support several SSL links and, in one 
embodiment, the broker 120 may support up to 600 SSL links or transactions per 
second. Communication between the broker 120 and multiple clients is typically 
provided by the characteristics of the communication protocol. ... Communications 
over the network 150 may include transmission and reception of secure data between 
the client 110 and broker 120. As noted above, the network 150 may implement 
TCP/IP protocols (such as the Internet) and apply one or more security protocols, such 
as SSL, IPSec, or others. ... The broker 120 responds to the client 1 10 by transmitting 
a packet having a set ACK bit, and the client 110 acknowledges the acknowledgement 
of the broker 120 by transmitting a packet having a set ACK bit. In addition to 
establishing a handshake pursuant to the network protocol, performing a handshake in 
accordance with the specification of the secure protocol (e.g., SSL) may be required." 
These indicate that Jardin expressly teaches the establishment of a secure session 
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between a client (corresponding to the applicants' voice browser) and the broker's web 
server. 

Thus combination of Saylor and Jardin meet the limitation of establishing a 
secure communication between a voice browser and a web server for transmitting 
encrypted VoiceXML-based web content. 

4. With regard to applicants' argument on page 13, paragraph 3, Saylor teaches a 
challenging process for authentication of the user (see col. 10, lines 34-39) and mutual 
authentication of the user and server (see column 1 1 , lines 33-36), but does not 
expressly teach a challenging process for authenticating the server. Jardin, however, 
teaches that both client and the provider authenticate each other in a challenging 
fashion (see col. 2, lines 25-30 and col. 5, lines 7-15). The rejection of claims 7, 8, 27, 
and 28 is corrected to address this concern (please see the rejection of these calims 
below). 

5. With regard to applicants' argument on page 13, paragraph 4, regarding the 
rejection of claims 9 and 10 the referencing is correct to point to the correct part of the 
Saylor (please see the rejection of these claims below). 

6. However, in view of the above submission examiner maintains the previous claim 
rejections 35 USC § 103 (a) with miner corrections to reflect the above concerns at 
paragraphs 4 and 5. 
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Previous Rejection: 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-40 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

Saylor et al. (6,707,889 B1 ; hereinafter Saylor) in view of Jardin (6,681 ,327 B1 ). 

Claims 1,4, 14, 15, 1 9-21 , 24. 34. 35. 39 and 40 

Saylor teaches a method for secure communication between a voice browser 
and a server (corresponding to the recited network device) with XML-based content 
transaction (col. 10, lines 17-40; col. 26, lines 45-63). Saylor also teaches an 
authentication process for a secure transaction between the Voice browser and the 
network server storing XML-based voice files (i.e., VoiceXML Browser Server) (col. 2, 
lines 1-25; col. 11, lines 24-36; col. 17, lines 16-39). Saylor, however, does not 
expressly disclose the encryption of VoiceXML-based content transmitted between a 
voice browser and a server. 

Jardin discloses a system for a secure client-server communication over Internet 
using a secure links such as secure socket layer (SSL) and IPSec (see abstract; col. 1 , 
line 40-col. 2, line 30; col. 2, lines 55-67). Jardin discloses that the client request for 
establishing a secure link with a server is transmitted to the server (col. 3, lines 14-22; 
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Fig. 2). Jordan also discloses that the server sends a digital certificate to the client (col. 
5, lines 7-10). Jardin further discloses that the client and server authenticate each other 
and negotiate shared secrets and an algorithm for encrypting the transmitting 
information between the client and server (col. 4, lines 48-67; col. 5, lines 20-30; col. 5, 
lines 53-60). Jardin system uses the negotiated shared secret(s) to encrypt the 
transaction exchanged between the client and server. 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to implement the encryption of the XML-based 
transaction between a voice browser and a server using a negotiated shared secret(s) 
as taught in Jardin in the system of Saylor, because it would ensure the privacy of the 
information being transmitted from a sender to a recipient (col. 1, lines 40-45). 

Claims 2. 3. 5, 6, 18, 22, 23. 25. 26 and 38 

Jardin discloses that during the authentication process digital certificates, which 
are compliant with X.509 and contain the client and server public keys are transmitted to 
the server and client (corresponding to the recited Voice Browser) (col. 4, lines 48-55; 
col. 5, lines 7-15; col. 5, lines 39-42). 

Claims 8 and 28 

Saylor discloses that during the authentication process the server prompts the 
user to prove its identity by providing authentication information (col. 10, lines 35-40). 
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Claims 7, 8. 27 and 28 

Jardin discloses that during the authentication process both client and server 
(i.e., voice browser and network device) are challenged to prove their identities (col. 1 , 
lines 49-65; col. 2, lines 25-30; col. 4, lines 47-54; col. 5, lines 7-15). 

Claims 9 and 10 

Saylor discloses that in order to provide greater security during authentication 
and preventing misuse of the system a higher level of authentication may be 
implemented (corresponding to the recited public key cryptography) (col. 17, lines 16- 
31; col. 22, lines 39-45). 

Claims 9. 10. 29 and 30 

Jardin discloses that in order to prevent eavesdrop by hackers during 
authentication, public key cryptography is used to provide greater security (col. 1 , lines 
51-61). 

Claims 11. 12. 31 and 32 

Jardin discloses the use of public key cryptography technique for generating a 
shared secret(s) (col. 4, lines 48-55). 
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Claims 13, 16, 17, 33. 36 and 37 

Jardin discloses that during negotiating process between a client and a server a 
list of cipher suites (corresponding to the recited a list of supported symmetrical 
cryptographic algorithm) are exchanged in order to select an algorithm for encrypting 
and decrypting the exchanged information between the sender and recipient (col. 4, line 
59- col. 5, line 15). 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 571- 
272-3808. The examiner can normally be reached on M-T 8-6. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilbert© Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Examiner /? 
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